The invention relates to a method for introducing a service key into a terminal.
In traffic telematics, services which are subject to a charge, i.e. service information in the form of traffic updates, traffic forecasts, navigation aids etc., are transmitted in encrypted form from a central control station to a respective terminal belonging to a service user. Only a terminal with a service key for service data transmitted for one or more booked services from the central control station to the terminal is able to decrypt the service data relating to the respective service and make it available to the user of the terminal. Coding is necessary, in particular, if service data is transmitted from the central control station to terminals via a public communication channel, e.g. a radio channel. Even when service data is transmitted via a private communication channel, such as a mobile radio short message channel (GSM.SMS), an authenticity check of the terminal for the central control station is necessary or data encrypted in the central control station needs to be decoded by a key in the terminal.
Methods are known in which a secret feature which can be used for authenticity checking when contact is made between a terminal and a central control station providing a service or for coding/decoding service data transmitted from the central control station to the terminal is introduced into the terminal by a terminal manufacturer and is transmitted to the central control station providing the service. For this purpose, however, a communication channel which is secure against tapping is necessary between the terminal manufacturer and the central control station. Transmission of secret features involves considerable logistical effort and the risk of errors.
The object of the present invention is to enable, simply, inexpensively, efficiently and as reliably as possible, a service key for decrypting service data transmitted in encrypted form by a central control station to be introduced into a terminal.
According to the invention, a central control station service key relating to one or more services can be introduced into a terminal simply, efficiently and reliably. The result of encrypted transmission between the central control station and the terminal and of the algorithms, whose results are identical for the same initialization key (particularly with a random number generator), in the central control station and in the terminal programming device on the manufacturer""s premises is a high level of security against tapping. If the initialization value and the decoding key are introduced into a terminal by the terminal programming device (of a manufacturer etc.), and the initialization key is then transmitted from the terminal (for example via a channel secured against tapping, such as a telecommunication channel, particularly a mobile radio channel) to the central control station, no communication between the manufacturer and the central control station when the key is introduced is necessary at all now. This means that the method is very simple, the administrative effort for the manufacturer is significantly reduced, and errors are avoided.
The terminals can, in particular, be telematic terminals, central control station can be a traffic information center, and the service data can, in particular, be traffic telematic data (such as traffic information, traffic forecasts, navigation aids etc.).
The method according to the invention can be implemented using different public-key/private-key coding/decoding methods. In this context, the decoding key corresponds to a private key and the coding key corresponds to a public key.
The efficient RSA method is particularly suitable. In addition, other public-key/private-key methods involving discrete logarithms, elliptical curves, the Knapsack algorithm and others can also be used.
The service key can be transmitted from the central control station to a terminal using different encryption/decryption methods. In addition to asymmetrical methods (public key/private key), symmetrical methods can also be used. The DES method is relatively quick for decoding, with average reliability.
The algorithm, which is implemented identically or identically in terms of result in the terminal programming device of a manufacturer and in the central control station, can contain, in particular, a pseudo random number generator. The pseudo random number generator always supplies the same output value when a specific initialization value is input. If a random number generator is used to produce a coding key and a decoding key on the basis of the RSA method, the numbers supplied by an arbitrary random number generator, for example, can be used to produce prime numbers such that the prime numbers which are next highest in respect of the supplied random numbers are produced. In this context, two prime numbers, preferably with a value higher than 10100, are input using the random number generator and a downstream algorithm for inputting into the RSA coding/decoding key generator. In addition, a standardized prime number generator can also be used directly. The coding key and the decoding key correspond to the two output values of an RSA key generator.
Transmission between the terminal and the central control station expediently takes place by telecommunication, particularly by mobile radio. It is particularly simple and, in terms of automatization ability, efficient for transmission to be in the form of a digital mobile radio short message, for example GSM-SMS.